Cybersecurity Fundamentals

RejoicingVibraphone

10 Questions

Data masking is a technique used to hide sensitive information by replacing it with fictional data.

True

Data encryption at rest is not necessary if the data is encrypted during transmission.

False

A Denial of Service (DoS) attack attempts to make a machine or network resource unavailable to its intended users.

True

Two-factor authentication (2FA) enhances security by requiring two forms of verification before granting access.

True

What type of attack involves overwhelming a system with traffic to make it unavailable to users?

Denial of Service (DoS)

Ransomware encrypts the victim's data and demands payment for the decryption key.

True

Encrypting data ensures that it cannot be accessed by unauthorized users.

True

What computer threat involves the attacker intercepting and altering communication between two parties?

Man-in-the-middle

Data integrity refers to the accuracy and consistency of data over its lifecycle.

True

Zero-day vulnerabilities are security flaws that are known to the software vendor but not yet patched.

True

Study Notes

Data Security Fundamentals

  • Data masking is a technique used to hide sensitive information by replacing it with fictional data.
  • Data encryption at rest is necessary to ensure data security, even if data is encrypted during transmission.
  • A Denial of Service (DoS) attack attempts to make a machine or network resource unavailable to its intended users.
  • Two-factor authentication (2FA) enhances security by requiring two forms of verification before granting access.
  • Ransomware encrypts the victim's data and demands payment for the decryption key.
  • Encrypting data ensures that it cannot be accessed by unauthorized users.
  • Data integrity refers to the accuracy and consistency of data over its lifecycle.

Threats and Attacks

  • A Man-in-the-middle attack involves the attacker intercepting and altering communication between two parties.
  • Phishing attacks involve tricking users into providing sensitive information through deceptive emails or websites.
  • A Distributed Denial of Service (DDoS) attack aims to make a system unavailable by overwhelming it with traffic.
  • Zero-day vulnerabilities are security flaws that are known to the software vendor but not yet patched.

Security Measures

  • Keeping your operating system and software up to date reduces your risk of infection.
  • Strong passwords are at least 8 characters long and include a mix of letters, numbers, and symbols.
  • A firewall is used to prevent unauthorized access to a network.
  • SSL/TLS certificates are used to establish a secure, encrypted connection between a web server and a client.
  • Using secure coding practices helps prevent vulnerabilities in software that could be exploited to access data.

Network Security

  • Network Intrusion Detection Systems (NIDS) detect and alert on suspicious network activity.
  • A firewall can prevent attacks by blocking malicious traffic, but it is not a guarantee against all types of malware.
  • Access control mechanisms are used to restrict access to data based on user roles.

Data Management

  • Data classification involves categorizing data based on its sensitivity and importance to the organization.
  • Data retention policies define how long data should be kept and when it should be deleted.
  • Regular data backups are a crucial part of data management and IT security.

Physical Security

  • Physical security is concerned with protecting facilities from environmental hazards like fire or flooding, as well as securing hardware from theft.
  • Having strong physical security measures in place can mitigate the risks posed by insider threats.

Other

  • Spyware is a type of malware designed to gather information about a person or organization without their knowledge.
  • Symmetric encryption is a method to ensure that even if the database is compromised, the information remains secure.
  • Auditing and monitoring data access logs are necessary to ensure data security, even if access controls are in place.

Test your knowledge of cybersecurity basics, including data protection, encryption, and authentication methods.
